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REMARKS /ARGUMENTS 

This Amendment is submitted in response to the Final 
Office Action dated November 30, 2007. The deadline for 
responding is February 29, 2008. 

■ 

X* Introduction 



Claims 1, 2, 4, and 30 have been amended to clarify the 
claimed features. No new matter has been added. 

■ 

Claims 1-5, 7-12, 14-18, 30, and 31 stand rejected under 

4 

35 U.S.C. 102(e) as being anticipated by U.S. Patent 
Publication No. 20040039938 to Katz et al . (hereinafter "the 
Katz et al . publication"). Claim 6 stands rejected under 3 5 
U.S.C. 103(a) as being unpatentable over the Katz Publication 
in view of U.S. Patent Publication No. 20020112073 to Bearden 
et al. (hereinafter "the Bearden et al . publication" ). Claims 
13, 19, and 32 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over the Katz et al . publication in view of 
Patent Publication No. 20020112073 to MeLampy et al . 

* 

(hereinafter "the MeLampy et al . publication"). Claims 20, 
21, 25, 26, and 27 stand rejected under 35 U.S.C. 103(a) as 
being unpatentable over the Katz et al. publication in view 
of Patent Publication No. 20030195861 to McClure et al. 

(hereinafter "the McClure et al . publication") . Claims 22, 
23, 28, and 29 stand rejected under 3 5 U.S.C. 103(a) as being 
unpatentable over the Katz et al . publication and the McClure 
et al ■ publication and further in view of the MeLampy et al . 
publication" ) . 

As. will be discussed below, none of the pending claims, 

* 

as amended, are anticipated or rendered obvious by the 
applied references. 
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II. Claims 1-6 are Patentable Under §102 and/or §103 



Claim 1 , as amended, contains the feature [emphasis 
added] : 



A method of testing a firewall comprising: 
transmitting at least one of a session 
initiation signal to initiate a communications 
session through said firewall and a session 
termination signal used to terminate an established 
communications session; and 

monitoring to determine from the time of at 
least one said transmitted signal at least one of a 
port opening delay which occurs in regard to a 
session initiation signal and opening a port in 
said firewall for a communications session that is 
being initiated^ and a port closing delay which 
occurs in regard to a session termination signal 
and closing a port in said firewall when 
terminating an established communications session. 

The Katz et al . publication discloses, at paragraph 
[0024] lines 1-5 (emphasis added) : 

"Ref erring to step 115, the client can measure the 

network latency between the client and the server. 
As defined herein, network latency- is an expression 
of how much time It takes a packet of data to get 
from one designated point to another 4 " 

Further in the paragraph, at lines!3-15: 

"The round-trip network latency can be computed as 
the difference between the send time and the receive 
t ime . " 

Then , at paragraph {0028] , at lines 8-11 (emphasis 
added) : 

"The open port duration can be re-calculated with 
each new network latency measurement or when the 

-12- 
PAGE 16/32 * RCVD AT 1/31/2008 3:18:52 PM [Eastern Standard Time] * SVR:USPTO-EFXRF-5/1 5 * DNIS:2738300 * CSID: 17325429071 * DURATION (mm-ss): 05-36 



01/31/2008 15:38 FAX 17325429071 ©017/032 



network latency varies more than a predetermined 
percentage or amount . " 

The Katz et al. publication does not teach or suggest 
monitoring to determine from the time of a session initiation 
signal a port opening delay (which occurs in regard to a 
session Initiation signal and opening a port in said firewall 
for a communications session that is being initiated) . 

Katz measures network latency, and controls the "open 
port duration" (the time between a port opening and closing", 
not the time between "a session initiation signal and opening 
a port 77 . 

» 

The Examiner states at 3.1 of the Office Action that: "A. 
delay is defined as the time period between two events." 
While that may be true, the two events in claim 1 are w a 
session initiation signal and opening a port" . "Monitoring" 
or "determining" the time between these events is not taught, 
suggested, or mentioned in the Katz et al. publication. 
Similarly, the Katz et al . publication does not teach 
"monitoring to determine from the time of a session 
termination signal" to "closing a port in said firewall". 

The Examiner states at the end of 3.1: The delay value 
is the time period for a transition from one state to the 
next state." First, this definition does not apply to the 
features of claim 1, as described above. Second, even if it 
did, as shown above, these features are not taught or 
suggested in the Katz et al . publication. 

For at least these reasons, claim 1, as amended, is 
patentable over the Katz et al- publication* 
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Claims 2-6 , for at least the reason of being dependent 
on allowable claim 1, are therefore also patentable over the 
Katz et al « . publication. 

Claim 2, as amended, is additionally patentable 
over the Katz et al , publication because it contains the 
features [emphasis added] : 

transmitting' session Initiation signals at an 
increasing rate through said firewall to cause the 
opening of ports in said firewall, 

measuring the effect of said increasing rate of 
session initiation signals on opening delay time 
associated with opening a port in response to 
transmitted session initiation signals; and 

transmitting session termination signals at an 
Increasing rate through said firewall to cause the 
closing of ports in said firewall, 

measuring the effect of said Increasing rate of 
session termination signals on closing delay time 
associated with closing a port in response to 
transmitted session termination signals. 

The Examiner states in 3.2: "The Katz prior art 
discloses the dynamic adjustment (increasing) of session 
signaling information (session opening and session closing) . 
(see Katz paragraph [0013], lines 5-9; paragraph [0030], 
lines 1-4; dynamically adjust port opening, port closing). 

It can readily be seen that the Katz et al. publication 
teaches changing the "opening port duration' 7 (see above) ; 
not, as the amended claim 2 discloses, the transmission of 
"session origination signals" to "measure the effect of said 
increasing rate of session origination signals on opening 
time delay" . Nor does it teach or suggest the transmission 
of "session termination signals" to "measure the effect of 
said increasing rate of session termination signals on 
closing time delay". 

-14- 
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For at least these additional reasons, claim 2 is 
patentable over the cited reference. 

Claim 4, as amended, is additionally patentable for the 
following features: 

transmitting session initiation signals at an 
increasing rate through said firewall to cause the 
opening of ports in said firewall, 

measuring the effect of said increasing rate of 
session initiation signals on opening delay time 
associated with opening a port in response to said 
session initiation signals; and 

transmitting session termination signals at an 
increasing rate through said firewall to cause the 
closing of ports in said firewall, 

measuring the effect of said increasing rate of 
session termination signals on closing delay time 
associated with closing a port in response to said 
session termination signals 

The Examiner cites paragraph 0013, lines 5-9 to support 
u transmit ting session signals at an increasing rate". First, 
amended claim 4 now contains the feature: "transmitting 
session initiation signals at an increasing rate". However, 
the citation to the Katz et al, publication reads: n In 
particular, the present invention provides a solution for 
dynamically varying the timing of port openings and closings 
according to a latency value to optimize the time duration 
that ports are open". There is no mention or suggestion of 
"transmitting session initiation signals at an increasing 
rate" or of "measuring the effect of said increasing rate" on 
"opening delay time". The Katz et al . publication reference 
is to changing the duration of port openings. 

The Examiner goes on to cite paragraph 0030, lines 1-4 
[emphasis added] : "In consequence, the port openings and 
v closings can be timed using a dynamically changing open port 

duration to keep the port openings and closings optimized for 
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the network environment" . Again, there is no mention of 
"transmitting session initiation signals at an increasing 
rate" or of "measuring the effect of said increasing rate" on 
"opening delay time". The reference is to change the duration 
of port openings . 

The Examiner goes on to cite paragraph 0034 , lines 1-5 
(see citation above) , which refers to "monitoring network 
latency" to "dynamically adjust the open port duration" . 
There is no mention of "transmitting session initiation 
signals at an increasing rate" or of "measuring the effect of 
said increasing rate" on "opening delay time". 

Finally, the Examiner cites paragraph 0024, lines 5-9, 
which disclose timing the sending of a packet and the receipt 
of the packet to determine "network latency" , not 
"transmitting session initiation signals at an increasing 
rate' 7 or of "measuring the effect of said increasing rate" on 
"opening delay time" . 

The above arguments are just as applicable to amended 
claim .4's features of "transmitting session termination 
signals at an increasing rate", and "measuring the effect of 
said increasing rate" on "closing delay time" . 

Claim 5 is additionally patentable over the cited 

reference as it contains the further feature: 

determining an average closing delay for each 
of a plurality of different session signaling 
rates. 

The Examiner cites paragraph 0030, lines 1-4: "In 
consequence, the port openings and closings can be timed 
using a dynamically changing open port duration to keep the 
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port openings and closings optimized for the network 
environment". There is no mention or suggestion of "closing 
delays", to say nothing of "average closing delays", or of 
different "session signaling* rates" . The duration of the port 
openings are changed, not the "signaling rates" transmitted 
toward the port. 

For at least these additional reasons, claim 5 is 
patentable over the cited reference. 

Regarding claim 6, it should be noted that the Bearden 
et al . publication does not supply any of the above noted 
deficiencies in the Katz et al . publication reference. 
III. Claims 7-13 are Patentable Under §102 and/or §103 



Claim 7 contains the feature [emphasis added] : 

measuring- a port closing delay time associated 
with the closing of said at least one port 
following the transmission of said signal to 
terminate said communications session 

The Katz et al. publication does not teach or suggest a 
port closing delay time. As discussed above in relation to 
claim 1, the Katz et al. publication controls or adjusts the 
opening and closing of ports, but does not teach, suggest, or 
reference "port closing delay times". 

For at least these reasons, claim 7 is patentable, over 

4 

the Katz et al> publication. 

Claims 8-13 , for at least the reason of being dependent 
on allowable claim 7, are therefore also patentable over the 
Katz et al . publication* 

4 
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It should be noted that the MeLampy et al . publication 
does not supply any of the above noted deficiencies in the 
Katz et al . publication reference. 

Claim 8 is additionally patentable over the cited 

reference as it contains the further feature: 

wherein said port closing delay is a time 
period which occurs between the time a signal used 
to cause the closing of the port is detected and 
said port ceases to allow communications signals to 
pass through from the first side of said firewall 
to the second side of said firewall 

The Examiner cites paragraph 0027, lines 6-9 [emphasis 
added] : * Importantly, referring to decision block 130 and 
step 135, the network open port duration can be used to time 

> 

port openings and closings so that the client and server 
remain synchronized until a communication session is 
complete . " 

Again , the Katz et al , publication discloses timing port 
openings and closings, whereas claim 8 discloses: a "port 
closing delay", which is further defined as: "a time period 
which occurs between the time a signal used to cause the 
closing of the port is detected and said port ceases to allow 
communications signals to pass through from the first side of 
said firewall to the second side of said firewall". 

There is no mention or suggestion in the Katz et al. 
publication of determining when a signal to cause the closing 
of the port is detected", nor of the time that "said port 
ceases to allow communications signals to pass through", or 
to measure the time period between those two events . 

The Examiner further cites paragraph 0024, lines 5-9 
[emphasis added] : "to determine the network latency, a client 
can note the time when a packet, such as a client request, is 
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sent to a server. The client then can note the time a servex 
acknowledgement is received in response to the packet " . 
Again, there is no teaching or suggestion of determining when 
a signal to cause the closing of the port is detected", nor 
of the time that "said port ceases to allow communications 
signals to pass through", or to measure the time period 
between those two events. 

For at least these additional reasons, claim 8 is 
patentable over the cited reference. 

■ 

Claim 11 is additionally patentable over the cited 

reference as it contains the further feature: 

determining the level of session signaling that 
causes a closing delay time which exceeds a 
preselected maximum closing delay time. 

The Examiner cites paragraph 0024, lines 5-9 [emphasis 
added] : "to determine the network latency, a client can note 
the time when a packet, such as a client request, is sent to 
a server. The client then can note the time a server 
acknowledgement is received in response to the packet" • This 
reference does not teach or suggest "closing delay time", to 
say nothing of "determining the level of session signaling 
that causes" such a delay. There is also no suggestion of a 
"preselected maximum closing delay time" . 

The Examiner also cites paragraph 0025, lines 7-9: 
"Alternatively, the measured round- trip latency can be scaled 
by adding a predetermined time value." 

Again, the Katz et al . publication discloses determining 
a duration of keeping a port open, based upon a factor times 
the network latency. This is not related to a "closing 
delay", or how such a closing delay is affected by varying 
levels of "session signaling". 
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For at least these additional reasons, claim 11 is 
patentable over the cited reference. 



Claim 12 is additionally patentable over the cited 

reference as it contains the further feature: 

determining the amount of firewall processing 
power required for a particular application based 
on an expected traffic load and said monitored 
information indicating the effect of session 
signaling of different loads on said closing delay. 

The Examiner cites paragraph 0034, lines 5-8 [emphasis 
added] : w For example, the open port duration can be adjusted 

to account for network congestion, server load, and other 
circumstances that affect network latency" . 

There is nothing in this reference related to "closing 
delay", "expected traffic load", or "determining the amount 
of firewall processing power required" . 

For at least these additional reasons, claim 12 is 
patentable over the cited reference. 

XV. Claims 14-19 are Patentable Under §102 and/or §103 



Claim 14 contains the feature [emphasis added] : 

» 

determining a time when said test signals first 
pass through said at least one port, said at least 
one port being opened in response to said signal to 
initiate a communications session; and 

determining a port opening delay which occurs 
in regard to opening a port in said firewall for 
said communications session from said determined 
time 
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The Examiner cites paragraph 0030, lines 1-4: "In 
consequence, the port openings and closings can be timed 
using a dynamically changing open port duration to keep the 
port openings and closings optimized for the network 
environment" . Again, the Katz et al. publication times port 
opening duration (time between opening a port and closing a 
port) . There is no measurement of **a time when said test 
signals first pass through, said at least one port" , nor can 
there be a measurement of the "port opening delay" , by 
comparing the determined time to the "signal to initiate a 
communications session". As described above, there is no 
teaching or suggestion of measuring a "port opening delay" 
for any purpose. 

The Examiner states at 3.5 of the Office Action that the 
Katz et al . publication time discloses : "a time stamp for 
communications that pass through a communications session 
(session signaling) interface. The opening of a port is a 
communications initiation function and is the first signal to 
pass through a communications session interface." Applicant 
is unsure of what it means to "pass through a communications 
session interface". However, Applicant is sure that the Katz 
et al . publication does not teach or suggest "determining a 
time when said test signals first pass through said at least 
one port"* The cited references in the Katz et al . 
publication disclose "a time the client sends a request", w a 
time the client receives a response", and the "open port 
duration" (paragraph [0014] ) . None of these teach or suggest 
"test signals", or when such signals "first pass through said 
at least one port". 

The Examiner next cites paragraph 0024, lines 5-9 
[emphasis added] : "to determine the network latency, a client 
can note the time when a packet, such as a client request, is 
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sent to a server. The client then can note the time a server 
acknowledgement is received in response to the packet" . 

Again, as explained above, the Katz et al . publication 
is measuring the n network latency", not "port opening delay". 

For at least these reasons, claim 14 is patentable over 
the Katz et al ♦ publication. 

* 

Claims 15-19 , for at least the reason of being dependent 
on allowable claim 14, are therefore also patentable over the 
Katz et al. publication. 

It should be noted that the MeLampy et al . publication 
does not supply any of the above noted deficiencies in the 
Katz et al . publication reference. 

V. Claims 30-32 are Patentable Ttoder §102 and/or §103 



Claim 30, as amended, contains the feature [emphasis 
added] : 

♦ 

transmitting- session termination signals used to 
control the termination of communications sessions 
through said firewall at an increasing rate; and 

measuring the effect of the increasing rate of 
session termination signals on port closing delays 
associated with the termination of communications 
sessions through said firewall . 

The Examiner cites paragraph 0013, lines 5-9 to support 
* transmitting session signals at an increasing rate' 7 . 
However, the citation reads: %> In particular, the present 
invention provides a solution for dynamically varying the 
timing of port openings and closings according to a latency 
value to optimize the time duration that ports are open". 
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There is no mention of " transmit ting session termination 
signals ...at an increasing rate" or of "measuring the effect 
of the increasing rate" on "port closing delays". The 
reference is to change the duration of port openings . 

The Examiner goes on to cite paragraph 0030, lines 1-4 
[emphasis added] : "In consequence, the port openings and 
closings can be timed using a dynamically changing open port 
duration to keep the port openings and closings optimized for 
the network environment". Again, there is no mention of 
"transmitting session termination signals ,..at an increasing 
rate" or of "measuring the effect of the increasing rate" on 
"port closing delays". The reference is to change the 
duration of port openings. 

The Examiner goes on to cite paragraph 0034, lines 1-5 
(see citation above), which refers to "monitoring network 
latency" to "dynamically adjust the open port duration" . 
There is no mention of "transmitting session termination 
signals ...at an increasing rate" or of "measuring the effect 
of the increasing rate" on "port closing delays". 

For at least these reasons, claim 30 is patentable over 
the Katz et al . publication. 

Claims 31-32 , for at least the reason of being dependent 
on allowable claim 30, are therefore also patentable over the 
Katz et al ■ publication. 

It should be noted that the MeLampy et al . publication 
does not supply any of the above noted deficiencies in the 

* 

Katz et al . publication reference. 

VI. Claims 20-24 are Patentable Under §102 and/or §103 
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Claim 20 contains the feature [emphasis added] : 

an analysis modulo for determining at least a 
port closing delay from a session signal time and a 
time probe signals are detected to stop passing 
through a port in said firewall corresponding to an 
initiated communications session. 

As discussed above, the Katz et al > publication does not 
teach or suggest ''port closing delay" , for any purpose, but 
certainly not by determining the time from "a session signal 
time" and a *time probe signals are detected to stop passing 
through a port". 

The Examiner goes on to cite the McClure et al . 
publication. However, the McClure et al . publication does not 
monitor "port closing delay". For example, at paragraph 0162, 
lines 3-5: "the ICMP scanning process sends 100 ICMP echo 
requests and monitors, responses and time-outs." There is no 
determination of the time from "a session signal time" and a 
"time probe signals are detected to stop passing through a 
port" . 

* 

The Examiner goes on to cite paragraph 0171, lines 1-4: 
"For each open TCP port located during the service, discovery 
phase, a TCP data probe is sent to that port if the port is 
known to by typically associated with a particular service," 
Again, there is no timing of port delays. 

The Examiner next cites paragraph 0172, lines 1-4, which 

■ 

also doesn't teach or suggest determination of the time from 
"a session signal time" and a "time probe signals are 
detected to stop passing through a port". The cited portion 
states: "For each UDP port discovered during the service 
discovery phase, a similar UDP data probe is sent to each UDP 
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port on the target computer known to be typically associated 
with a service." Sending a probe out will not result in a 
determination of *port opening delays" or "port closing 
delays", but will simply identify which ports are open or 
closed at any given time. 

Therefore, since neither the Katz et al. publication nor 
the McClure et al . publication teach or suggest the features 
of claim 20, no combination of the references could do so. 

For at least these reasons, claim 20 is patentable over 
the Katz et al> publication, in conjunction with the McClure 
et al, publication. 

Claims 20-24 , for at least the reason of being dependent 
on allowable claim 20, are therefore also patentable over any 
combination of the cited references. 

* 

VII. Claims 25-29 are Patentable Under §102 and/or §103 

Claim 25 contains the feature [emphasis added] : 

a test signal analyzer for detecting probe 
signals passing through said first side of said 
firewall to said second side of said firewall and 
for determining port closing delays as measured 
from the time the test signal analyzer detects a 
signal used to close a port in said firewall and 
said analyzer ceases to detect test signals passing 
through said firewall . 

As discussed above, the Katz et al . publication does not 
teach or suggest ^determining port closing delays' 7 or 
measuring the "time the test signal analyzer detects a signal 
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used to close a port in said firewall and said analyzer 
ceases to detect test signals passing through said firewall" ♦ 

The Examiner cites the McClure et al . publication in 
conjunction with the Katz et al . publication. As discussed 
above, the McClure et al . publication does not monitor "port 
closing delays". For example, at paragraph 0162, lines 3-5: 
"the ICMP scanning process sends 100 ICMP echo requests and 
monitors responses and time-outs." There is no determination 
of the time from "a session signal time" and a "time the test 
signal analyzer detects a signal used to close a port in said 
firewall and said analyzer ceases to detect test signals 
passing through said firewall" . 

The Examiner goes on to cite paragraph 0171, lines 1-4: 
"For each open TCP port located during the service discovery 
phase, a TCP data probe is sent to that port if the port is 
known to by typically associated with a particular service." 
Again/ there is no timing of port delays. 

The Examiner next cites paragraph 0172, lines 1-4: "For 
each UDP port discovered during the service discovery phase, 
a similar UDP data probe is sent to each UDP port on the 
target computer known to be typically associated with a 
service . ^ Sending a probe out will not result in a 
determination of "port opening delays" or "port closing 
delays", but will simply identify which ports are open or 
closed at any given time. 

For at least these reasons, claim 25 is patentable over 
the Katz et al> publication in conjunction with the McClure 
et al. publication . 
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Claims 26-29 , for at least the reason of being dependent 
on allowable claim 25, are therefore also patentable over any 
combination of the cited references* 



VIII . Conclusion 



In view of the foregoing amendment and remarks, it 
is respectfully submitted that the pending claims are in 
condition for allowance. Accordingly, it is requested that 
the Examiner pass this application to issue. 

If there are any outstanding issues which need to be 
resolved to place the application in condition for allowance 
the Examiner is requested to call (732-542-9070) and schedule 
an interview with Applicant's undersigned representative. To 

the extent necessary, a petition for extension of time under 
37 C.F.R. 1.13 6 is hereby made and any required fee in regard 
to the extension or this amendment is authorized to be 
charged to the deposit account of Straub & Pokotylo, deposit 
account number 50-1049. 



None of the statements or discussion made herein are 
intended to be an admission that any of the applied 
references are prior art to the present application and 
Applicants preserve the right to establish that one or more 
of the applied references are not prior art. 

Respectfully submitted, 



January 31, 2008 



Michael P. Straub Attorney 
Reg. No. 36,941 
Tel.: (732) 542-9070 
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I hereby certify that this paper (and any accompanying 
paper(s)) is being facsimile transmitted to the United States 
Patent Office on the date shown below. 

Michael P . Straub 

Type or print name of person signing certification 
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